Many small businesses nationwide may be fully aware of the various threats that may exist when it comes to the sensitive data they protect for clients, customers, and workers alike, but it seems that companies of all sizes remain nonetheless relatively unprepared for incidents that could serve to compromise that information.
Businesses large and small often do not take even basic preventative measures when it comes to making sure the data they keep is protected from cybersecurity threats, according to a new survey from the online security firm Protiviti. In all, while more than two-thirds said they’ve increased their focus on this area in recent years, 21 percent of companies do not have formal plans for dealing with such threats, and another 13 percent said they don’t know whether they do or not.
“Cyber security must continue to be a major focus for businesses, especially in light of recent high-profile security breaches,” said Cal Slemp, managing director with Protiviti and global leader of the firm’s IT security and privacy practice. “While we’re seeing a greater number of companies across a wider range of industries devote more attention and resources to improving their approach to data security, there are still a lot of businesses that are susceptible to attacks.”
Further, 32 percent of those polled said their companies do not have a data encryption policy, and 22 percent also do not have one in place as a means of protecting information in general, the report said. Moreover, companies either seemed to be lagging when it comes to either making sure their most important data is safeguarded, or the same is true of all such information, Slemp said. On the other hand, there has been growth in the percentage of companies doing more to classify various types of data as being more or less important for protection.
Small businesses may be more vulnerable to these issues because they often do not have the resources, financial or otherwise, to devote to proper security. As such, small business insurance policies to protect against the fallout of these incidents — such as tech insurance — can help to remediate the often high costs associated with handling a data breach properly. In some cases, having such a policy can actually serve to insulate a business from losses that could endanger its very existence.